If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

This vulnerability allowed hackers to develop an attack that could have caused significant computer damage during regular Internet use.

This vulnerability resulted from the failure of Yahoo’s active content filter to adequately block ActiveX controls and other active content components, and affected all Windows based system platforms that read e-mail messages using Yahoo Web-mail service. Active X controls are downloadable programs that run with the same rights and privileges as the user, allowing access to files and personal information stored on a local hard drive or shared folder. A no-click attack could have launched automatically once a user opened an e-mail message.

For example, the vulnerability could have also potentially allowed a worm to read Windows address book, replicate and send itself to everyone in the address book, and have this process repeat at an exponential rate. It could have also harvested email addresses from local files, just like any other worm, and use the Yahoo web-mail vulnerability to send the email messages. Other web-based e-mail systems may be vulnerable to this vulnerability.

Technical details:

The potential worm could do anything that the user could do.

It is a potentially automatic attack.

Users had to simply read the infected email message.

This was a cross-site scripting vulnerability of the Yahoo! Web-based e-mail service.

There are two variants of this vulnerability.

The purpose of Yahoo's active content filter is to block the injection of any active content into Yahoo! messages.

However, the basic failure that allowed this vulnerability is that there was no blocking of a backslash that is used instead of the import rule.